Got 403 when I touch group with delete method in testflight - testflight

After deleting group from testflight I got the url with delete method show as follow:
curl 'https://itunesconnect.apple.com/testflight/v2/providers/team_id/apps/app_id/groups/969071cb-0615-4dac-8b1a-166fd7e89a98?deleteTesters=false' \
-XDELETE \
-H 'DNT: 1' \
-H 'Referer: https://itunesconnect.apple.com/WebObjects/iTunesConnect.woa/ra/ng/app/app_id/testflight?section=iosbuilds' \
-H 'Origin: https://itunesconnect.apple.com' \
-H 'Accept: application/json, text/plain, */*' \
-H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/603.3.8 (KHTML, like Gecko) Version/10.1.2 Safari/603.3.8' \
-H 'X-Csrf-Itc: itc'
Then I realized this process with fastlane like:
module Spaceship
module TestFlight
module GroupOperations
## TODO: Got 403 error
def delete_group_for_app(apple_id, group_id, delete_testers)
assert_required_params(__method__, binding)
binding.pry
url = "providers/#{team_id}/apps/#{apple_id}/groups/#{group_id}?deleteTesters=#{delete_testers.to_s}"
refer = "https://itunesconnect.apple.com/WebObjects/iTunesConnect.woa/ra/ng/app/#{apple_id}/testflight?section=group&subsection=testers&id=#{group_id}"
response = request(:delete) do |req|
req.url url
req.headers['Content-Type'] = 'application/json'
req.headers['Referer'] = refer
req.headers['Origin'] = 'https://itunesconnect.apple.com'
req.headers['X-Requested-With'] = 'XMLHttpRequest'
req.headers['X-Csrf-Itc'] = 'itc'
req.headers['Accept'] = 'application/json, text/plain, */*'
req.headers['Connection'] = 'keep-alive'
end
handle_response(response)
end
end
Client.class_eval { include GroupOperations }
class Client
include GroupOperations
end
end
end
And I got 403 when I called this method after login, select team.
What I want to ask is that dose the itc support to this? If supports, how can fix it?

Yes. It supports.Just adjust the http header and it will pass.

Related

Log into a site and download a file - ruby

I am making a script in the ruby language. This script should log into a site and remove the cookie so that it can be used later to download the file.
I have already made an identical script in bash:
curl --cookie-jar cookie.txt 'https://web.spaggiari.eu/auth-p7/app/default/AuthApi4.php?a=aLoginPwd' -H 'Connection: keep-alive' -H 'Accept: */*' -H 'X-Requested-With: XMLHttpRequest' -H 'User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4295.0 Safari/537.36 Edg/88.0.680.1' -H 'Content-Type: application/x-www-form-urlencoded; charset=UTF-8' -H 'Origin: https://web.spaggiari.eu' -H 'Sec-Fetch-Site: same-origin' -H 'Sec-Fetch-Mode: cors' -H 'Sec-Fetch-Dest: empty' -H 'Referer: https://web.spaggiari.eu/home/app/default/login.php?target=atv&mode=' -H 'Accept-Language: it,it-IT;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6' -H 'Cookie: _ga=GA1.2.1118066416.1604149840; webrole=gen; webidentity=K6583250C; __auc=l7176b841757ec5618585876044; weblogin=mail.example#example.it; PHPSESSID=bhsktc6oih4k77ufg2v20edmmkl168em; __asc=4f2356e8175928173ed8b4d9596' --data-raw 'cid=&uid=mail.example%40example.it&pwd=Password&pin=&target=' --compressed
curl --cookie cookie.txt "https://web.spaggiari.eu/fml/app/default/xml_export.php?stampa=%3Astampa%3A&report_name=&tipo=agenda&data=03+11+20&autore_id=6583250&tipo_export=EVENTI_AGENDA_STUDENTI&quad=%3Aquad%3A&materia_id=&classe_id=%3Aclasse_id%3A&gruppo_id=%3Agruppo_id%3A&ope=RPT&dal=$data&al=$data&formato=xls" > /home/tommaso/Documenti/bot/allLinks.txt
I am trying to convert this script to Ruby language. I decided to use net / http and made this command for the first command. However, the part to store the cookie is missing (--cookie-jar cookie.txt):
require 'net/http'
require 'uri'
uri = URI.parse("https://web.spaggiari.eu/auth-p7/app/default/AuthApi4.php?a=aLoginPwd")
request = Net::HTTP::Get.new(uri)
request.content_type = "application/x-www-form-urlencoded; charset=UTF-8"
request["Connection"] = "keep-alive"
request["Accept"] = "*/*"
request["X-Requested-With"] = "XMLHttpRequest"
request["User-Agent"] = "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4295.0 Safari/537.36 Edg/88.0.680.1"
request["Origin"] = "https://web.spaggiari.eu"
request["Sec-Fetch-Site"] = "same-origin"
request["Sec-Fetch-Mode"] = "cors"
request["Sec-Fetch-Dest"] = "empty"
request["Referer"] = "https://web.spaggiari.eu/home/app/default/login.php?target=atv&mode="
request["Accept-Language"] = "it,it-IT;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6"
request["Cookie"] = "_ga=GA1.2.1118066416.1604149840; webrole=gen; webidentity=S6583250C; __auc=b7176b841757ec4912585876044; weblogin=mail.example#example.it; PHPSESSID=cjgqkc6loh4k77ufg2v20edmmkl168em; __asc=4f7916e8175928173ed8b4d9596"
req_options = {
use_ssl: uri.scheme == "https",
}
response = Net::HTTP.start(uri.hostname, uri.port, req_options) do |http|
http.request(request)
end
# response.code
# response.body
For the second code I did this command instead. However, the part to send the cookie to the site is missing (--cookie cookie.txt):
require 'net/http'
require 'uri'
uri = URI.parse("https://web.spaggiari.eu/fml/app/default/xml_export.php?stampa=%3Astampa%3A&report_name=&tipo=agenda&data=03+11+20&autore_id=6583250&tipo_export=EVENTI_AGENDA_STUDENTI&quad=%3Aquad%3A&materia_id=&classe_id=%3Aclasse_id%3A&gruppo_id=%3Agruppo_id%3A&ope=RPT&dal=&al=&formato=xls")
response = Net::HTTP.get_response(uri)
# response.code
# response.body
Can anyone tell me how to insert the missing pieces of code? Thanks so much everyone for the help.
You will need to store/read the cookie from a file.
Once you get the initial cookie from the website server:
response = Net::HTTP.get_response(uri)
File.write('./path/to/cookie.txt', response['set-cookie'])
and then to use it again:
# change this line to
request["Cookie"] = "_ga=.."
request["Cookie"] = File.read('./path/to/cookie.txt')
Edit:
Might have to use something other than get_response for your 2nd request so you can specify some headers:
uri = URI.parse("https://web.spaggiari.eu...")
request = Net::HTTP::Get.new(uri)
request["Cookie"] = File.read('./path/to/cookie.txt')
# you can confirm the presence of the header with this:
request.each_header.entries
# Then send it:
response = Net::HTTP.start(uri.hostname, uri.port, req_options) do |http|
http.request(request)
end
Edit #2
If this is a quick hack, you can get your curl command responses within you ruby program.. just execute them within backticks:
login_response = `curl --cookie-jar cookie.txt 'https://web.spaggiari.<...>`
all_links = `curl --cookie cookie.txt "https://web.spaggiari.eu/fml<...>?&formato=xls"`
puts all_links

Bash script Curl get cookie and re-use? (Error 400. request badly formed)

I want to get Cookie from 1 URL and use this Cookie for next Curl call.
With the code below I'm able to get the Cookie as $session. But the 2. Curl call fails.
Here is what I tried:
#!/bin/bash
session=$(curl -sD - 'http://www.example.com/getLogInCookie' -H 'Cookie: session.LogIn=True;' -H 'Connection: keep-alive' -H 'Upgrade-Insecure-Requests: 1' -H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36' -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9' -H 'Referer: http://www.example.com/login' -H 'Accept-Encoding: gzip, deflate' -H 'Accept-Language: en-US,en;q=0.9,nb;q=0.8' --compressed --insecure | tail -n+8 | head -1 | sed "s/Set-Cookie: session.LogInHash=//g" | sed "s/; path=\/; HttpOnly//g");
#session='lwiqadgdlykt'; # If uncomment this line then all work as expected.
echo $session;
cookie="Cookie: session.LogIn=True; session.LogInHash=$session";
result=$(curl -v 'http://www.example.com/StartSession' -H "$cookie" -H 'Connection: keep-alive' -H 'Accept: application/json, text/javascript, */*; q=0.01' -H 'X-Requested-With: XMLHttpRequest' -H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36' -H 'Referer: http://www.example.com/login' -H 'Accept-Encoding: gzip, deflate' -H 'Accept-Language: en-US,en;q=0.9,nb;q=0.8' --compressed --insecure);
echo $result; # Here result fail with: Error 400. The request is badly formed.
I see I get the Cookie in $session but its not passed to the next Curl call.
If I set $session with the Cookie I got in first Curl call like: session='lwiqadgdlykt'; and retry then I see the session is working.
How can I send/pass the Cookie from 1. Curl to 2. Curl?
When setting a bash variable with results from Curl then it will always append a NEW LINE after the results!
The var: $session have a NEW LINE in the end which was cause of ERROR 400
The solution when setting the Cookie (+ removing NEW Line, Tab etc):
cookie="Cookie: session.LogIn=True; session.LogInHash=${session//[$'\t\r\n ']}";
Here is how I got it working:
#!/bin/bash
session=$(curl -sD - 'http://www.example.com/getLogInCookie' -H 'Cookie: session.LogIn=True;' -H 'Connection: keep-alive' -H 'Upgrade-Insecure-Requests: 1' -H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36' -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9' -H 'Referer: http://www.example.com/login' -H 'Accept-Encoding: gzip, deflate' -H 'Accept-Language: en-US,en;q=0.9,nb;q=0.8' --compressed --insecure | tail -n+8 | head -1 | sed "s/Set-Cookie: session.LogInHash=//g" | sed "s/; path=\/; HttpOnly//g");
cookie="Cookie: session.LogIn=True; session.LogInHash=${session//[$'\t\r\n ']}";
result=$(curl -v 'http://www.example.com/StartSession' -H "$cookie" -H 'Connection: keep-alive' -H 'Accept: application/json, text/javascript, */*; q=0.01' -H 'X-Requested-With: XMLHttpRequest' -H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36' -H 'Referer: http://www.example.com/login' -H 'Accept-Encoding: gzip, deflate' -H 'Accept-Language: en-US,en;q=0.9,nb;q=0.8' --compressed --insecure);
echo $result; # SUCCESS :)

Curl method with authentification problem

I have a little problem with my bearer:
I have a config file with my variable bearer like this:
bearer = "*********"
And I have my script test.sh :
source /home/name/test/config
curl -X GET \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer $bearer' \https://.../api/vendors \-o
json_file/vendors.json
And then when I open my file vendors.json. It say token invalid or was expired and normaly my token is good, I'm sure. So Where is my problem ?
Thanks

How can I retrieve Tinder API authentication?

$ curl -X POST
-H "X-Auth-Token: FB_AUTH_TOKEN" \
-H "Content-type: application/json" \
-H "User-agent: Tinder/7.5.3 (iPhone; iOS 10.3.2; Scale/2.00)" \
https://api.gotinder.com/auth
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 69 100 69 0 0 105 0 --:--:-- --:--:-- --:--:-- 105{"code":400,"error":"Missing authToken#NO_FB_TOKEN","error_no":40001}
Does this mean I go thet incorrect Facebook auth token? I'm following the specifications in this REST API: https://github.com/fbessez/Tinder
Based on the documentation you referred, I can see you are not sending the post data in the request body {'facebook_token': INSERT_HERE, 'facebook_id': INSERT_HERE}
Besides, the docs says X-Auth-Token is not required for /auth
This appears to have been changed as per: https://github.com/fbessez/Tinder/issues/69
Now the request is
curl --location --request POST 'https://api.gotinder.com/v2/auth/login/facebook' \
--header 'platform: ios' \
--header 'User-agent: Tinder/7.5.3 (iPhone; iOS 10.3.2; Scale/2.00)' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--data-raw '{
"token": "{{facebook_token}}",
"facebook_id": "{{facebook_id}}"
}'
The changes are:
the URL endpoint
Payload key: 'facebook_token' is now just 'token'

How do i add binary-data to curb POST

I'm trying to do the following POST to Parse Cloud using the Curb gem
curl -X POST \
-H "X-Parse-Application-Id: PARSE_APP_ID" \
-H "X-Parse-REST-API-Key: PARSE_API_KEY" \
-H "Content-Type: image/jpeg" \
--data-binary '#myPicture.jpg' \
https://api.parse.com/1/files/pic.jpg
with this:
curl = Curl::Easy.new("https://api.parse.com/1/files/lion.jpg")
curl.multipart_form_post = true
curl.headers["X-Parse-Application-Id"] = PARSE_APP_ID
curl.headers["X-Parse-REST-API-Key"] = PARSE_API_KEY
curl.headers["Content-Type"] = "image/jpg"
res = curl.http_post(Curl::PostField.file('file', image.path))
Upload goes through with a 201, but it doesn't seem like the file makes it up to the server correctly.
Figured it out:
curl = Curl::Easy.new("https://api.parse.com/1/files/lion.jpg")
curl.headers["X-Parse-Application-Id"] = PARSE_APP_ID
curl.headers["X-Parse-REST-API-Key"] = PARSE_API_KEY
curl.headers["Content-Type"] = "image/jpeg"
data = File.read('/Users/haider/Pictures/lion.jpg')
curl.post_body=data
curl.http_post
puts curl.body_str

Resources